• Documentation

    Elanat Documentation
    The most important feature of Elanat is its add-ons-oriented structure. Add-ons-oriented structure allows you to create your own Add-ons without conflicting with Eanat core.

    Structure - Minimum software quality report

    Minimum software quality report


    Introduction to Elanat Framework Architecture:

    As explained in the software architecture section, the Elanat framework is a add-on-oriented framework; each add-on can be either part of a web page or a separate web page.

    Note: In quality control systems, the proprietary mechanism of the Elanat framework is called an unknown action when calling executable files in other executable files.


    Risk code analysis:

    The Risk Code Analysis section analyzes programming code and identifies codes that compromise system security.

    In the Risk Code Analysis section, the "Review SQL queries for security vulnerabilities" warning is repeated four times, which includes repeating the warning about improper query string management (SQL Injection and XSS warning).

    The following codes are two examples of warnings in the Risk Analysis section of the DataBase class:

    The first line of code is repeated in the GetCommand and SetCommand methods.

    The second line of code is also repeated in the GetProcedure and SetProcedure methods.

    This warning puts the following query string method in the category of risky code.

    To solve this problem, the Risk Code Analysis section recommends query string writing by sending a parameter. The example of sending a parameter to a query string is specified in the following paragraph:

    In order to facilitate the coding and higher readability of the programming code, the methods of the DataBase class in the Elanat framework are called as follows and only in one line of the programming code:

    In the internal code section of the DataBase class methods, a loop sends all the values to the corresponding parameters.

    Conclusion: The structure of DataBase class methods in Elanat framework uses the method of sending parameters to the query string, but the risk code analysis section is not able to identify the structure of DataBase class methods.


    Performance Analysed:

    The performance analysis section identifies the parts of the programming code that impose a lot of processing on the processor.

    The usage history of processing resources when analyzing the performance of the Elanat framework is shown in the image below:

    In the performance analysis section, two sections of programming code that have the highest consumption of processing resources were identified; both of these sections are related to executable executable files.

    The following image shows information about the classes called by these two sections:

    The image below shows the PathAccessHandler class; the red line of code invokes the ProcessRequest class; the task of the ProcessRequest class is to execute .NET executable files (with the aspx extension).

    Methods in the PageLoader class execute each executable file separately; the return value of these methods is the result of executing one executable file into another executable file.

    The following figure shows one of the methods in the PageLoader class:

    Conclusion: Due to the architecture of Elanat framework, the operation of calling executable files, in other executable files, requires the use of more processing resources; therefore, more features require more processing.


    Messages:

    The messages section examines html files for compliance with web standards.

    It was mentioned in the introduction that each of the add-ons can be part of a web page; error management tools get errors from html files that are only part of a web page; these errors are ignored due to the architecture of the Elanat framework.

    Figure 5 shows a complete web page, and error management tools do not object to the structure of these files.

    Figure 6 shows a variable web page.

    Figure 7 shows the contents of the add-on file.

    The Elanat framework first calls the variable web page and then replaces the variable value ($ _body_value;) with the content of the add-on file.

    Conclusion: Error management tools introduce the structure of this type of file as non-standard.


    Get add-on implementation architecture
    Receive run add-on flowchart
    Receive ERD chart